f78d82b2415db2e11c060f35651176cbc04289d8e5fadcfa3af032c0c2e7def8

Resubmissions

24-04-2024 16:50

240424-vb78xsdd83 10

Analysis

max time kernel
157s
max time network
146s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
24-04-2024 16:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MUNDOLATINO_9.8.apk
Size

10.1MB
MD5

8b6621a29bbcb69c3318c18d781ce5e9
SHA1

7e82dbe6ce37e54e2cc34d57827f01b5c081d4ce
SHA256

f78d82b2415db2e11c060f35651176cbc04289d8e5fadcfa3af032c0c2e7def8
SHA512

23c78b5f0477d892f25c18171e5ac9c4129aad1650230dc5940ef30aa13e5cffbbcc1c54fd4a966abadae5a1044ac62302424d12ea9a94758dd9d7d77f8b8c5c
SSDEEP

196608:19kYd7pyOZVDutq54+TsDZnxLclh/281hGAmoSr/eersYyu5ZDBEGUpg:fk47E4pR5ri1ah/vHvK/frss

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

mundolatino.apliblm

description	ioc	Process
File opened for read	/proc/meminfo	mundolatino.apliblm

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

mundolatino.apliblm

ioc	pid	Process
/data/user/0/mundolatino.apliblm/[email protected]	4698	mundolatino.apliblm

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

mundolatino.apliblm

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mundolatino.apliblm

Acquires the wake lock 1 IoCs

Processes:

mundolatino.apliblm

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mundolatino.apliblm

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

mundolatino.apliblm

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mundolatino.apliblm

mundolatino.apliblm
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Checks if the internet connection is available
PID:4698

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mundolatino.apliblm/databases/google_app_measurement_local.db

Filesize
16KB

MD5
84e19edb2ac1aeda2bb1a1e91b7de44c

SHA1
d6ac73d1be22e7a0727b1bad14a1f33f8f532e49

SHA256
86fa1712627c56902453699460f89dd5e3e00dd448911776c7d2993ae7c67c35

SHA512
302595994c906731d1cdedf4fd6cf21053a7f43fe86163bae675f322cd6404893740c9766bde8f39ea976a27dcc45a4c6428a6bbb950118e2bd64bc49c4c6f4f

Download Submit
/data/data/mundolatino.apliblm/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
53a010c9284ba51e67e4833fcf9a63e6

SHA1
fe87e5d71ab015b4297d632e0f245d7a3e5e456c

SHA256
2ff814b2ee594ed8a4cdcfe7cca7674a60371aef2fdfd7ce85068f8328ff3535

SHA512
45caef4b16795b98c45fa992c1cae570d93f1a7580dbd61c73020f359cb23653fd380e8447bb1fc28a51e91177e14485ae1e923bd455f6d6442a400cc5ab06ee

Download Submit
/data/data/mundolatino.apliblm/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
059135d72616f03b8c0a55946c4165be

SHA1
f6cb331693f376b27e5e1c200cbcfe699bc5c49a

SHA256
9ca45179d706d120345c3bd649b5b69bd1d3011c7b7c575336dd2dcd37fae0ff

SHA512
df92693bb68c2502ed20416b70e79d2d6b6e4e6f650778b9d8dd31d693e0ce553bc540ceff4f0a29c43126764bc65ea3ff21cda5341670edf2947cc395f2c5af

Download Submit
/data/data/mundolatino.apliblm/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2414c2027283f7bad2ea2e8e33999e1b

SHA1
97540d0a654b835bce296ce10bc20c390f4609f0

SHA256
8784fa2123b5ff7bfbd6a1f33460e7fad486746392ab7939d66b82737349fbd8

SHA512
8609f914ad75e4ea65468f2866552748b752b39229790bcfa5badcaf0978ef7e18b8df0e4f90a403178542352ec0db8a8592a65ec109cdf224d35ca4d43b773d

Download Submit
/data/data/mundolatino.apliblm/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
a3d82d1560ff34e69155b9aede7d3907

SHA1
5d71c8605f8eb9c6a42ad50c5f273bf65d7fb27c

SHA256
04ccbbe52157c887ca3240f1ce0d6d43d1c8f18ae1375b24dddb33846db3744e

SHA512
9f5a9463e7038c3779b3f8df078b61ac7628d38beef6b2f8213257aa4f468c6aabeccf1ae8e511d6ab043a5a853c0439eeace9954a74c304f27b3f2571858add

Download Submit
/data/data/mundolatino.apliblm/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cfe19c6af392cd5ae74ff1746f49dd03

SHA1
3d2e4892e3b15e8211f7c7a06b489671fd179cca

SHA256
7424b559510039f01c731672a00b671632417c29d4c9d0052f613fc98af8a869

SHA512
ea9586e9f83271fba681f4d76688c7645b8f36bf8032b9284f314dadbb97460d64d7159c35c8a35858ca15ff121d39761bca791daa8bbda1cabcad9423771780

Download Submit
/data/data/mundolatino.apliblm/files/vinebre_ac.txt

Filesize
19B

MD5
018a542a14f244c02194b6952e7e1f43

SHA1
dc5a3867886436935f57e3a0d66ab8dfe36ed27d

SHA256
fa4b2bfbf99537f325754f518fa9c38fb5b39c924fe12001ace7b773cc090bce

SHA512
84e209ef06fecd346006618b54fe0d74bfa5a5a18c9ffc233b72c95f34cd8feeb23adb632897002bbdc720976e588980b333d08494722e377210cbeaa7e68dc7

Download Submit
/data/data/mundolatino.apliblm/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
e966436abf8d05a7e5b69a91e4953e95

SHA1
419de2c4fb31ff5c35cb0c14d1050b3d49d576d8

SHA256
afaea60c3b3108a5edef8b4cbde4ed4fd232a65592882c0450354caeebcc92c0

SHA512
94de690363364c137fea6284fd6c27a62067142aeccc9d7819dbd4c63469bb7193199e52b5d7f2ea7a03b328e025a41ed8e78fa741a9fa6ff6ab4f61504ced43

Download Submit
/data/data/mundolatino.apliblm/oat/x86_64/[email protected]

Filesize
521B

MD5
34474d457a978a941dfbe891b8431210

SHA1
43c17515a7d49fb9ef97c56987cb71652a27bd3b

SHA256
a58fd16fcfc404bfb0d66af55ae1b4f7932abc84519d25781ab04b565dc8c7ff

SHA512
bd8e0e0e0f282ba9fb4e4d4b79706c57281ffcdf7a6c9f91f6ccc123df802213fb548fbdfb3eeed01cc61b3a39354aef7189cf4c5eb75ac84bdfa7defb1f5a68

Download Submit
/data/user/0/mundolatino.apliblm/[email protected]

Filesize
3.2MB

MD5
69cf159b893eefff9a8106cc3ee37e03

SHA1
165207adfe8c6047ce9f3dd38aed50796c1660d1

SHA256
26fb1a790377e11135bf8bfa7552cc2797d351df60154ea032ceeb4463776fdf

SHA512
379960366739517c1c856834227aaa1a30a20a9bab730d4229f200192f2c643b69a3e2e114dbdd743a69577e0b7b477c0d14e71c31ee491e137ec405f79e71aa

Download Submit